The C in CIAM Stands for “Everyone”
Auth Thoughts is a monthly newsletter produced by Team Descope, the collective consciousness of everyone at Descope. Read on for a monthly roundup from the world of identity and authentication.
CIAM = Non-workforce IAM
Workforce identity is fairly structured. Mature systems, long-standing paradigms, tight admin control.?
But if you peer under the hood of non-workforce identity management, chaos abounds. Here are some real customer use cases:
None of the examples above fall under workforce IAM. With so many of your stakeholders logging in to so many of your apps, it’s important to:
?? Provide them with a personalized experience
?? Secure their identities without adding undue friction
?? Sync these identities with other systems of record so that all your teams are on the same page
When implemented properly, CIAM can help organizations unify identities across customer-facing apps and gain a 360-degree view of the customer journey.
Our recent Identity Federation Broker announcement is a further step in this direction. Check out the demo video below where we federate identities across SAML and OIDC app connections with an external IdP.
Read about our Identity Federation Broker announcement and learn more about our federation capabilities.
Frictionless user onboarding
First impressions are worth their weight in gold. A sub-par onboarding flow and cumbersome password-based experiences can lead to unwanted user friction.?
Enter Descope Flows. In next month’s webinar, Christopher Carper and Kevin Gao from our DevRel team will use no-code workflows to:
Register for the session here.
Tutorial central
Looking for help on how to integrate Descope for a particular framework or perform certain tasks? Our DevRel team has you covered.
?? User impersonation: This video tutorial covers how to add consent-driven impersonation flows to your app for customer support, troubleshooting, and feature testing.
?? Add authentication to a Next.js 13 app: This video tutorial covers how to add Descope authentication to a Next.js 13 app with NextAuth.
领英推荐
?? SAML SSO with Microsoft Azure: This video tutorial covers how to add SAML SSO to your app using Microsoft Azure and Descope.
Concept corner
We’re always happy to talk auth when given the chance. Here are some refreshers and best practices to keep in mind.
?? The ABCs of access tokens. Access tokens are fundamental building blocks in the world of authentication and authorization. They are compact digital tokens (usually delivered as JWTs) that grant permissions to users to access certain resources. Learn how access tokens work and best practices while using them.
?? What is identity orchestration? An identity orchestration platform helps organizations create seamless user journeys across disparate identity environments. With identity orchestration, IT teams can define processes such as user registration, login, risk-based MFA, step-up authentication, and sync with external identity stores. Learn more.
Auth off the press
Here’s a recap of what’s been happening in the identity world over the past month.
?? ‘Log In With…’ Feature Allows Full Online Account Takeover for Millions | Dark Reading
?? Amazon rolls out passkey support | TechCrunch
?? WhatsApp turns on passwordless login for Android users | The Verge
Meme of the month
The meme above was posted on AuthTown, our open user community for app builders to come together and learn about authentication. We’d love to have you too!
Helpful resources
Thanks for reading Auth Thoughts! If you’d like any other updates from the world of identity and authentication included in this newsletter, please let us know in the comments below.
Here are some other links to have handy:
??? Sign up for a Descope Free Forever account.
?? Auth Thoughts, if you want to share this newsletter with others.
?? Documentation, for Descope setup instructions, SDK code snippets, and more.
?? Passwordle, if you have 5 minutes to spare and like word games.
See you in November!